CVE-2026-23443

EUVD-2026-18686
In the Linux kernel, the following vulnerability has been resolved:

ACPI: processor: Fix previous acpi_processor_errata_piix4() fix

After commi f132e089fe89 ("ACPI: processor: Fix NULL-pointer dereference
in acpi_processor_errata_piix4()"), device pointers may be dereferenced
after dropping references to the device objects pointed to by them,
which may cause a use-after-free to occur.

Moreover, debug messages about enabling the errata may be printed
if the errata flags corresponding to them are unset.

Address all of these issues by moving message printing to the points
in the code where the errata flags are set.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
UNKNOWN
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Debian logo
Debian Releases
Debian Product
Codename
linux
bookworm
6.1.159-1
fixed
bookworm (security)
6.1.164-1
fixed
bullseye
5.10.223-1
fixed
bullseye (security)
5.10.251-1
fixed
forky
6.19.10-1
fixed
sid
6.19.10-1
fixed
trixie
6.12.73-1
fixed
trixie (security)
6.12.74-2
fixed
References
https://git.kernel.org/stable/c/2e369ba9eb7b8a06e9cc35a3e7fe73e59272f8c2
https://git.kernel.org/stable/c/8583f62259e1b315d5239371adfb36939cdab741
https://git.kernel.org/stable/c/98473309a36acc271009b85e0bb53a4c0dddf5c2
https://git.kernel.org/stable/c/bf504b229cb8d534eccbaeaa23eba34c05131e25
https://git.kernel.org/stable/c/e0c470049344e9346fff79d7e2362212c216665e
https://git.kernel.org/stable/c/edf4c2aaee08e8fd503fbae705c801e92a0b55d7